November 29, 2019

IAMAI seeks clarity in Personal Data Protection Bill

[ By Kavita Krishnan ]


The Internet and Mobile Association of India (IAMAI) has sought clarity over the Personal Data Protection (PDP) Bill, which is in the public domain for consultation.

At a roundtable discussion over the Bill, the IAMAI said there were several areas of ambiguity in the Bill that could cause unnecessary compliance burden.

According to the IAMAI “The Bill categorizes data as personal data, sensitive personal data and critical personal data, but the industry lacks clarity as which data falls under which head, and hence is not equipped to take necessary precautions.”

The Bill speaks of consent and explicit consent for different categories of data, but there was no clarity on what would qualify as consent and explicit consent, according to IAMAI. According to experts, several areas of the draft Bill were ambiguous and called for clarifications so that businesses could fully comprehend the extent of adjustments they will have to do to comply with them.

“The problem gets aggravated when data collection and processing are done by different agencies, in which case, each fiduciary will have to take consent at every step of the operation,” said the report.

As per the discussion, obtaining consent at all points of data collection and processing is at times either impossible, impractical or unnecessary. “As long as the data processing doesn’t deviate from the original purpose, repeated consent requirements should not be imposed”, the association said.

The PDP applies to all sectors of the economy that collect personal data.

As many digital services are actually digitalization of offline businesses, it expressed concern over preparedness of various sectors to handle the provisions.

The roundtable on the “impact of the draft PDP Bill on the ‘ease of doing business’ in India” was to initiate a dialogue between key industry representatives, civil society and media personnel.

The discussion among the industry representatives, which included Indian and oversees companies, revolved around the areas of ambiguity that needed to be clarified for businesses to comprehend the extent of adjustments they will require to comply with it.

To enhance ease of doing business, companies should be permitted to self-determine reasonable purposes of data processing, it said.

All legal bases for collecting, using and disclosing personal data should be treated equally instead of relying on consent as the primary ground for processing personal data, the IAMAI advocated.

Related Post

latest News

  • Foreign decrees passed in UAE can now be enforced in India after reciprocal agreement between the two nations

    The Central Government has issued a notification declaring United Arab Emirates (UAE) to be a reciprocating territory and that foreign civil decrees p...

    Read More
  • SBI-Led Consortium To Move NCLT Against Jet Airways To Seek Proceedings Under Insolvency And Bankruptcy Code

    An SBI-led consortium of banks is set to take Jet Airways to the National Company Law Tribunal (NCLT) under the Insolvency and Bankruptcy Code (IBC) a...

    Read More
  • DGCA Gives IndiGo, GoAir Until November 24 To Replace Pratt & Whitney Engines On Their A320 Neo Aircraft

    Civil aviation regulator Directorate General of Civil Aviation (DGCA) has extended the deadline to replace engines on 36 Airbus A320Neo aircraft opera...

    Read More